Documenting all the places
personal data goes.


Legend: with your name, without your name.
Click on a circle above for names of organizations and details of data shared.

Companies that perform de-identification reviews receive data from providers (hospital, physician) and health payers (insurer) and send data back to them.

These companies perform de-identification reviews to see if their client's data can be linked to a source that reveals the individuals identity. An example would be to see if a client's health data adheres to HIPAA.


Privacert is an example of a company that performs de-identification services, though often using a description of the data elements and population, and not the actual data itself. [source]


(return to health DataMap)

Copyright © 2012-2016 President and Fellows Harvard University.